Senior Security Engineer, AI Security Posture Management

Who we are

lululemon is an innovative performance apparel company for yoga, running, training, and other athletic pursuits. Setting the bar in technical fabrics and functional design, we create transformational products and experiences that support people in moving, growing, connecting, and being well. We owe our success to our innovative product, emphasis on stores, commitment to our people, and the incredible connections we make in every community we're in.

As a company, we focus on creating positive change to build a healthier, thriving future. In particular, that includes creating an equitable, inclusive and growth-focused environment for our people.

About this team

The Data & AI Security team is responsible for protecting the organization's most critical data and AI assets while enabling responsible, scalable innovation.

We build and operate Data Security Posture Management (DSPM) and AI Security Posture Management (AISPM) capabilities across a complex, global ecosystem. Our work is highly cross-functional, partnering with Data & Analytics, Engineering, Legal, Privacy, and GRC teams to embed security by design while keeping the organization fast, compliant, and resilient. Our focus is on visibility, prevention, and remediation at scale, balancing strong security controls with minimum business friction.

The Senior Security Engineer, AI Security Posture Management, is responsible for securing the organization's AI ecosystem by discovering, assessing, and mitigating risks associated with AI models, data usage, model lifecycle, and AI-driven workflows. This role partners closely with Data Governance, Platform Engineering, and Security Architecture to enable safe and scalable AI adoption while ensuring regulatory, privacy, and corporate policy alignment.

Core responsibilities

As a Senior Cybersecurity Engineer, you will lead complex security engineering initiatives, designing and implementing security controls, platforms, and solutions that protect critical systems at scale.

You will build and operate enterprise security capabilities such as centralized authentication, security enforcement mechanisms, and security automation, while applying secure coding practices and rigorous testing and validation. You will partner closely with engineering teams to embed security into system design and delivery, drive improvements to security quality and reliability, and mentor junior engineers through hands-on technical leadership and knowledge sharing.

Select responsibilities include:

• Build enterprise security systems implementing centralized authentication, security platforms, and organization-wide controls
• Lead comprehensive threat modeling and security assessments for complex systems, evaluating attacker behaviour across integrations and influencing secure design decisions early in the development lifecycle
• Own end-to-end response for complex security incidents, driving deep root cause analysis and delivering coordinated long-term improvements to detection, prevention, and security monitoring capabilities
• Develop advanced security code, tools, and libraries including security automation platforms, scanners and detectors, security testing systems, and security SDKs
• Establish security code standards defining secure coding practices, code review requirements, and implementation quality

Qualifications

• Bachelor's degree in Computer Science, Cybersecurity, or related field
• 6-10 years of experience leading security engineering initiatives, establishing security standards and practices, and building security systems at scale, or equivalent
• Hands-on experience securing data used by AI systems, including data discovery, classification, access governance, and usage monitoring across cloud data platforms, feature stores, and AI pipelines
• Experience securing AI and analytics workloads in modern cloud environments, including identity and access controls, service-to-service authentication, secrets management, and policy enforcement across platforms supporting AI/ML development and inference (e.g., cloud data platforms, ML platforms, containerized services)
• Proven experience implementing enterprise security controls and building security infrastructure including centralized authentication, authorization services, and security policy enforcement systems at scale
• Track record of writing complex security systems including security platforms and SDKs; experience establishing security code review practices, security checklists, and security development frameworks
• Demonstrated ability to lead advanced threat modeling for complex systems, anticipating sophisticated adversarial behaviour; experience owning investigation and resolution of complex security incidents with deep root cause analysis

Must haves

• Acknowledge the presence of choice in every moment and take personal responsibility for your life
• Possess an entrepreneurial spirit and continuously innovate to achieve great results.
• Communicate with honesty and kindness and create the space for others to do the same.
• Lead with courage, knowing the possibility of greatness is bigger than the fear of failure.
• Foster connection by putting people first and building trusting relationships.
• Integrate fun and joy as a way of being and working, aka doesn't take yourself too seriously.

Please Note: Authorization to work in Canada is required for this role.

Compensation and benefits package

lululemon's compensation offerings are grounded in a pay-for-performance philosophy that recognizes exceptional individual and teamperformance. Thetypical hiring range for this positionis from$132,600 - $174,400 annually; the base pay offered is based on market location and may vary depending on job-related knowledge, skills, experience, and internal equity. As part of our total rewards offering, permanent employees in this position may be eligible for our competitive annual bonus program, subject to program eligibility requirements.

At lululemon, investing in our people is a top priority. We believe that when life works, work works. We strive to be the place where inclusive leaders come to develop and enable all to be well.

Recognizing our teams for their performance and dedication, other components of our total rewards offerings include support of career development, wellbeing, and personal growth:

• Extended health and dental benefits, and mental health plans
• Paid time off
• Savings and retirement plan matching
• Generous employee discount
• Fitness & yoga classes
• Parenthood top-up
• Extensive catalog of development course offerings
• People networks, mentorship programs, and leadership series(to name a few)

Note: The incentive programs, benefits, and perks have certain eligibility requirements. The Company reserves the right to alter these incentive programs, benefits, and perks in whole or in part at any time without advance notice.

Workplace arrangement

This role is classified asIn-Personunder our SSC Workplace Policy: In-person collaboration and/or office-based work is necessary or important for the role.

Work is mainly performed onsite, 4-5 days per week depending on role requirements.